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Examiner 
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Art Unit 

2155 



- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 

- Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )□ Responsive to communication(s) filed on 23 January 2003 . 
2a)S This action is FINAL. 2b)Q This action is non-final. 

3) Q Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
Disposition of Claims 

4) D Claim(s) 79-117 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Ciaim(s) is/are allowed. 

6) D Claim(s) 79-117 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
1 1 )□ The proposed drawing correction filed on is: a)D approved b)D disapproved by the Examiner. 

If approved, corrected drawings are required in reply to this Office action. 

12) D The oath or declaration is objected to by the Examiner. 
Priority under 35 U.S.C. §§119 and 120 

13) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 

a)DAII b)Q Some*c)Q None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

14) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. § 1 19(e) (to a provisional application). 

a) D The translation of the foreign language provisional application has been received. 

15) D Acknowledgment is made of a claim for domestic priority under 35 U.S.C. §§ 120 and/or 121. 
Attachment(s) 

1) Kl Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413) Paper No(s). . 

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) 5) D Notice of Informal Patent Application (PTO-152) 

3) □ Information Disclosure Statement(s) (PTO-1449) Paper No(s) . 6) □ Other: 
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DETAILED ACTION 



1. This is in response to the Amendment filed on 12/17/2003 (paper # 9) and supplemental 
amendment filed on 1/9/2003 (paper # 10). Claims 1-78 are canceled. New claims 79-117 are 
presented for examination. 



2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for 
patent or (2) a patent granted on an application for patent by another filed in the United 
States before the invention by the applicant for patent, except that an international 
application filed under the treaty defined in section 351(a) shall have the effects for 
purposes of this subsection of an application filed in the United States only if the 
international application designated the United States and was published under Article 
21(2) of such treaty in the English language. 

3. Claims 79-82, 84, 88, 97-100, 102, 108, 113, 116 and 117 are rejected under 35 
U.S.C. 102(e) as being anticipated by Rangarajan et al U.S. pat. No.6, 510,439. 

As to claim 79, Rangarajan discloses a system for transfer of secure data on a network 
comprising: 

a) a client (20 fig.l) capable of presenting conforming client data. 

b) a server (HTTP server 16 fig.l) capable of using said conforming client data to create 
at least one secure cookie (i.e., processing data upon receiving request from a client, see fig.l, 
abstract, col. 3 line 9 to col.4 line 41), each of said at least one secure cookie including: 



Claim Rejections - 35 USC § 102 
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i) a domain field capable of holding domain data to associate said secure cookie to a 
domain where said secure cookie is valid (i.e., containing a domain field which stores data 
indicating the server-side domain, see col.6 lines 8-36 and col.7 lines 31-65). 

ii) at least one name field capable of holding name data (using PATH field which is a 
prefixed of the requested URL, see col.6 lines 19-54). 

iii) at least one value field capable of holding value data derived from said 
conforming client data (see fig.3, col.6 line 51 to col.7 line 44). 

iv) an expiration field capable of holding cookie expiration data (EXPIRE field, 
col.6 lines 38-50). 

c) a network capable of transporting at least one of said at least one secure cookie 
between said server and said client (see fig.2, col.4 line 50 to col.5 line 55). 

d) a client storage means capable of storing at least one of said at least one secure cookie 
and a secure attribute service between said client and said server using said at least one 
of said at least one secure cookie (processing secure data exchange from the client and 
server through State Management Server, see col.2 lines 36-60 and col.4 lines 17-59). 

As to claims 80 and 81, Rangarajan disclose a web browser (see col.7 lines 52-65) and at 
least one of said at least one secure cookie is an authentication cookie (see col.6 lines 19-58). 

As to claim 82, Rangarajan discloses the secure attribute service including said server 
authenticating said client by comparing said conforming client data to said value data (using the 
client software to match the server's domain with the domain attribute, see col.6 lines 8-58). 
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As to claims 84 and 102, Rangarajan discloses that the authentication cookie is a password 
cookie and said conforming client data includes a password (see col.l lines 21-59). 

As to claims 88 and 108, Rangarajan discloses a secret-key based authentication service (see 
col.7 line 18 to col.8 line 48). 

As to claim 97, 98 and 116, Rangarajan at least one of said at least one secure cookie is used in 
an electronic transaction and a part of a role based access control system and at least one of said 
at least one secure cookie is used in assigning client roles (see col.7 line 7 to col.8 line 56). 

As to claim 99, Rangarajan discloses a method for the transfer of secure data on a network 
including the steps of: 

a client (20 fig.l) making a request from a server (16 fig. 1) and said server retrieving 
conforming client data (see col.4 lines 17-59). 

said server creating at least one secure cookie, each of said at least one secure cookie 
including selected conforming client data, said selected conforming data including at least some 
of said conforming client data (see processing data using cookies, see fig.l, abstract, col.3 line 9 
to col.4 line 41). 

said server transmitting at least one of said at least one secure cookie to said client and 
said client storing at least one of said at least one secure cookie (see col.6 line 19 to col.7 line 
44). 
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said client presenting to a related server at least one of said stored at least one secure 
cookie with a second request, said related server residing on the same domain as said server (i.e., 
containing a domain field which stores data indicating the server-side domain, see col. 6 lines 8- 
36 and col. 7 lines 31-65). 

said related server making a determination of whether at least one of said at least one 
retrieved stored at least one secure cookie contains said selected conforming client data and said 
related server fulfilling said second request if said determination is positive (i.e., processing 
secure data exchange from the client and server 

through State Management Server, see col.2 lines 36-60 and col.7 line 66 to col. 8 line 62). 

As to claim 100, Rangarajan discloses said conforming client data in retrieved from said client 
(see col.4 lines 10-59). 

As to claim 113, Rangarajan discloses determination is positive only if said selected conforming 
client data was retrieved by said server from said client during the current session (see col.5 line 
9 to col.6 line 58). 



As to claim 117, Rangarajan discloses a request is part of an attribute-based access control 
function (see col.7 line 6 to col. 8 line 56). 
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Claim Rejections - 35 USC § 103 



4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or 
described as set forth in section 102 of this title, if the differences between the subject 
matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary 
skill in the art to which said subject matter pertains. Patent ability shall not be negative 
by the manner in which the invention was made. 

5. Claims 83, 85, 86, 87, 90- 96, 101, 104-107, 109-1 1 1 and 1 14 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Rangarajan et al U.S. pat. No. 6,5 10,439 in view of 
Wiser et al US pat. No.6,385,596. 

As to claims 83, 85, 86, 87, 96, 101, 104, 1 1 1 and 1 14, Rangarajan c s teachings still applied as 
in item 2 above. Rangarajan does not specifically disclose the client's IP address, a hashing 
algorithm, an encryption algorithm, a digital signature on a timestamp and an encryption session 
key. However, Wiser discloses the client's IP address, a hashing algorithm, an encryption 
algorithm and an encryption session key (using multiple levels of encryptions, see abstract, 
col.10 line 13 to col.12 line 54 and col. 16 line 4 to col. 19 line 59 and col.20 line 10 to col.21 
line 61). It would have been obvious to one of the ordinary skill in the art at the time the 
invention was made to implement Wiser' s teachings into the computer system of Rangarajan to 
identify a host computer because it would have enabled users to identify a host connected to the 
Internet to other Internet hosts and provided more secure delivery of data over the Internet. 



As to claims 90 and 91, Rangarajan discloses at least one secure cookie includes a multitude of 
secure cookies and a seal cookie capable of being used by said server to determine if another 
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cookie in said multitude of secure cookies has been altered (using the Registration Table, see 
col.7 line 6 to col.8 line 62). 

As to claims 92, 93 and 109, Rangarajan discloses that the seal cookie includes an integrity 
check value and the signature of a message digest signed using a private key (see col.9 line 23 to 
col. 10 line 59). 

As to claims 94 and 95, Rangarajan discloses at least one of said at least one name field and at 
least one of said at least one value field are a pair, and one secure cookie further includes a flag, 
said flag specifying whether all machines within said domain referenced by said domain data can 
access said value data (i.e., NAME and VALUE pair, col.6 lines 8-58). 

As to claims 105 -107 and 110, Wiser discloses determination further includes verifying that 
digital signature belongs to said client and including the step of said server encrypting at least 
some of said selected conforming client data, a public key and a secret key (see col. 10 line to 
col. 12 line 54 and col. 16 line 4 to col. 19 line 59). It would have been obvious to one of the 
ordinary skill in the art at the time the invention was made to implement Wiser 5 s teachings into 
the computer system of Rangarajan to identify a host computer because it would have enabled 
users to identify a host connected to the Internet to other Internet hosts and provided more secure 
delivery of data over the Internet. 
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5. Claims 89, 103, 1 12 and 1 15 are rejected under 35 U.S.C. 103(a) as being unpatentable 
Rangarajan and Weiser as in item 4 above and further in view of Klingman US pat. 
No.5,729,594. 

Rangarajan and Wiser's teachings still applied as in item 4 above. Neither Rangarajan 
nor Wiser specifically discloses a KT cookie and a Kerberos ticket. However, the use of a KT 
cookie and Kerberos ticket using a Kerberos protocol in cryptography is generally well known in 
the art as disclosed by Klingman (see col.3 lines 6-59). It would have been obvious if not 
inherent to one of the ordinary skill in the art at the time the invention was made to utilize such 
well known feature in the computer network of Rangarajan to support secure online transactions 
because it would have allowed registered users to write electronic checks to other users securely 
(see Klingman's col.3 lines 560). 

Other prior art cited 

6. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. 

a. Angles et al. s US pat. No.5,933,81 1. 

b. Hoffinan,USpat.No.6,460,071. 

Response to Arguments 

6. Applicant's arguments with respect to claims 80-1 17 have been considered but 
are moot in view of the new ground(s) of rejection. 



Conclusion 
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7. Claims 79-117 are rejected. 

7. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Khanh Dinh whose telephone number is 703-308-8528. The 
examiner can normally be reached on 8:00 AM to 5:00 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 703-305-9468. The fax phone numbers for the 
organization where this application or proceeding is assigned are 703-746-5510 for regular 
communications and 703-746-7239 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding 
should be directed to the receptionist whose telephone number is 703-305-9600. 
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Khanh Dinh 
Examiner 
Art Unit 2155 
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April 3, 2003 
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